Environment & Secrets
All configuration for tripplan.ing is managed through environment variables and GitHub Environments. This page is the complete inventory.
GitHub Environments
The CI/CD pipeline uses two GitHub Environments:
- development — for the dev/staging deployment
- production — for the production deployment
Each environment has variables (non-sensitive) and secrets (encrypted).
Required variables
Set these as GitHub Environment variables (non-secret):
| Variable | Example | Description |
|---|---|---|
| CF_ACCOUNT_ID | abc123def456 | Cloudflare account ID |
| WORKER_NAME | tripplan (prod) / tripplan-dev (dev) | Worker name |
| D1_DATABASE_ID | abc123-... | D1 database UUID |
| D1_DATABASE_NAME | tripplan-db | D1 database name |
| KV_NAMESPACE_ID | abc123-... | KV namespace UUID |
| R2_BUCKET_NAME | tripplan-storage | R2 bucket name |
| PLATFORM_DOMAIN_SUFFIX | tripplan.ing | Default domain suffix for events |
| PLATFORM_OPERATOR_EMAILS | admin@tripplan.ing | Comma-separated operator emails |
| DOCS_WORKER_NAME | tripplan-docs | Docs site worker name |
Required secrets
Set these as GitHub Environment secrets (encrypted):
| Secret | Description |
|---|---|
| CF_DEPLOY_API_TOKEN | Cloudflare API token with Workers/D1/KV/R2 deploy permissions |
| STRIPE_SECRET_KEY | Stripe API secret key (test or live) |
| STRIPE_WEBHOOK_SECRET | Stripe webhook signing secret |
| MAILGUN_API_KEY | Mailgun API key for sending emails |
| MAILGUN_DOMAIN | Mailgun domain (e.g., mg.tripplan.ing) |
Optional secrets
These are only needed if the corresponding feature is enabled for an event:
| Secret | Description |
|---|---|
| PAYPAL_CLIENT_ID | PayPal app client ID |
| PAYPAL_CLIENT_SECRET | PayPal app secret |
| PAYPAL_WEBHOOK_ID | PayPal webhook ID |
| PAYPAL_SANDBOX | true for sandbox, false for live |
Per-environment examples
Development
# Variables
CF_ACCOUNT_ID=TODO_CF_ACCOUNT_ID
WORKER_NAME=tripplan-dev
D1_DATABASE_ID=TODO_D1_DATABASE_ID
D1_DATABASE_NAME=tripplan-db-dev
KV_NAMESPACE_ID=TODO_KV_NAMESPACE_ID
R2_BUCKET_NAME=tripplan-storage-dev
PLATFORM_DOMAIN_SUFFIX=dev.tripplan.ing
PLATFORM_OPERATOR_EMAILS=operator@tripplan.ing
DOCS_WORKER_NAME=tripplan-docs-dev
# Secrets
CF_DEPLOY_API_TOKEN=TODO_CF_DEPLOY_API_TOKEN
STRIPE_SECRET_KEY=sk_test_...
STRIPE_WEBHOOK_SECRET=whsec_...
MAILGUN_API_KEY=key-...
MAILGUN_DOMAIN=mg.dev.tripplan.ing
# PayPal (optional — only needed if PayPal is enabled for an event)
PAYPAL_CLIENT_ID=TODO_PAYPAL_CLIENT_ID
PAYPAL_CLIENT_SECRET=TODO_PAYPAL_CLIENT_SECRET
PAYPAL_WEBHOOK_ID=TODO_PAYPAL_WEBHOOK_ID
PAYPAL_SANDBOX=true
Production
# Variables
CF_ACCOUNT_ID=TODO_CF_ACCOUNT_ID
WORKER_NAME=tripplan
D1_DATABASE_ID=TODO_D1_DATABASE_ID
D1_DATABASE_NAME=tripplan-db
KV_NAMESPACE_ID=TODO_KV_NAMESPACE_ID
R2_BUCKET_NAME=tripplan-storage
PLATFORM_DOMAIN_SUFFIX=tripplan.ing
PLATFORM_OPERATOR_EMAILS=operator@tripplan.ing
DOCS_WORKER_NAME=tripplan-docs
# Secrets
CF_DEPLOY_API_TOKEN=TODO_CF_DEPLOY_API_TOKEN
STRIPE_SECRET_KEY=sk_live_...
STRIPE_WEBHOOK_SECRET=whsec_...
MAILGUN_API_KEY=key-...
MAILGUN_DOMAIN=mg.tripplan.ing
# PayPal (optional — only needed if PayPal is enabled for an event)
PAYPAL_CLIENT_ID=TODO_PAYPAL_CLIENT_ID
PAYPAL_CLIENT_SECRET=TODO_PAYPAL_CLIENT_SECRET
PAYPAL_WEBHOOK_ID=TODO_PAYPAL_WEBHOOK_ID
PAYPAL_SANDBOX=false
Copy-ready example files are at:
- .github/environments/development.env.example
- .github/environments/production.env.example
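
A preflight check that a deploy job could run over an environment's values before pushing them, as an added example that is not part of the tripplan.ing code base. It checks that the required keys from this page are set, that no value is still a placeholder from the example files, and that the Stripe and PayPal modes match the environment. The function names, the problem strings and the rule that ENABLE_DEV_BYPASS (see Local development) is local-only are assumptions.

```typescript
// Added example (not project code): preflight check for one GitHub Environment.
type EnvName = "development" | "production";
type Vars = Record<string, string>;
const REQUIRED = [
  "CF_ACCOUNT_ID", "WORKER_NAME", "D1_DATABASE_ID", "D1_DATABASE_NAME",
  "KV_NAMESPACE_ID", "R2_BUCKET_NAME", "PLATFORM_DOMAIN_SUFFIX",
  "PLATFORM_OPERATOR_EMAILS", "DOCS_WORKER_NAME", "CF_DEPLOY_API_TOKEN",
  "STRIPE_SECRET_KEY", "STRIPE_WEBHOOK_SECRET", "MAILGUN_API_KEY", "MAILGUN_DOMAIN",
];
const PAYPAL = ["PAYPAL_CLIENT_ID", "PAYPAL_CLIENT_SECRET", "PAYPAL_WEBHOOK_ID", "PAYPAL_SANDBOX"];

// Parse KEY=VALUE lines; blank lines and '#' comments are skipped.
function parseEnv(text: string): Vars {
  const out: Vars = {};
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    const eq = line.indexOf("=");
    if (line.startsWith("#") || eq <= 0) continue;
    out[line.slice(0, eq).trim()] = line.slice(eq + 1).trim();
  }
  return out;
}

function checkEnv(name: EnvName, vars: Vars): string[] {
  const live = name === "production";
  const problems = REQUIRED.filter((k) => !vars[k]).map((k) => `missing: ${k}`);
  // Values left as in the .env.example files (TODO_..., sk_test_...) are placeholders.
  for (const k of Object.keys(vars)) {
    const v = vars[k] ?? "";
    if (v.startsWith("TODO_") || v.endsWith("...")) problems.push(`placeholder: ${k}`);
  }
  // Stripe key mode must match the environment: sk_test_ in dev, sk_live_ in prod.
  const prefix = live ? "sk_live_" : "sk_test_";
  const sk = vars["STRIPE_SECRET_KEY"] ?? "";
  if (sk !== "" && !sk.startsWith(prefix)) problems.push(`mode: STRIPE_SECRET_KEY is not ${prefix}*`);
  // PayPal is optional, but a partial set or a sandbox/live mix-up is an error.
  const set = PAYPAL.filter((k) => !!vars[k]);
  if (set.length > 0 && set.length < PAYPAL.length) problems.push("partial: PAYPAL_*");
  const sandbox = vars["PAYPAL_SANDBOX"] ?? "";
  if (sandbox !== "" && sandbox !== String(!live)) problems.push(`mode: PAYPAL_SANDBOX must be ${!live}`);
  // Assumption: ENABLE_DEV_BYPASS belongs only in a local .dev.vars file.
  if ("ENABLE_DEV_BYPASS" in vars) problems.push("local-only: ENABLE_DEV_BYPASS");
  return problems;
}

// Constructed sample: a production environment with copy/paste mistakes.
const SAMPLE = "WORKER_NAME=tripplan\nSTRIPE_SECRET_KEY=sk_test_CONSTRUCTED\n" +
  "CF_DEPLOY_API_TOKEN=TODO_CF_DEPLOY_API_TOKEN\nPAYPAL_SANDBOX=true\nENABLE_DEV_BYPASS=true";
console.log(checkEnv("production", parseEnv(SAMPLE)).join("\n"));
```

An empty result means the environment passed; a CI step would fail the job on any non-empty result and print only the key names, never the values.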
Runtime secret mapping
The CI workflow pushes these as Wrangler secrets to the deployed Worker:
| CI secret | Worker secret |
|---|---|
| STRIPE_SECRET_KEY | STRIPE_SECRET_KEY |
| STRIPE_WEBHOOK_SECRET | STRIPE_WEBHOOK_SECRET |
| MAILGUN_API_KEY | MAILGUN_API_KEY |
| MAILGUN_DOMAIN | MAILGUN_DOMAIN |
| PAYPAL_CLIENT_ID | PAYPAL_CLIENT_ID |
| PAYPAL_CLIENT_SECRET | PAYPAL_CLIENT_SECRET |
| PAYPAL_WEBHOOK_ID | PAYPAL_WEBHOOK_ID |
| PAYPAL_SANDBOX | PAYPAL_SANDBOX |
Platform env vars are set as Worker bindings via wrangler.toml:
| Binding | Source |
|---|---|
| PLATFORM_OPERATOR_EMAILS | Worker environment variable |
| PLATFORM_DOMAIN_SUFFIX | Worker environment variable |
Per-event overrides
Some secrets can be overridden per-event in the settings table:
| Setting | Overrides | Purpose |
|---|---|---|
| stripeSecretKey | STRIPE_SECRET_KEY | Use a different Stripe account per event |
| stripeWebhookSecret | STRIPE_WEBHOOK_SECRET | Per-event webhook secret |
| paypalClientId | — | Per-event PayPal credentials |
| paypalClientSecret | — | Per-event PayPal credentials |
| paypalWebhookId | — | Per-event PayPal webhook |
| paypalSandbox | — | Use PayPal sandbox mode |
Service setup guides
For step-by-step instructions on creating accounts and getting credentials, see Mailgun (Email), Stripe (Payments), and PayPal (Payments).
Local development
For local dev, create a .dev.vars file in the project root:
# Optional — only needed for payments/email features
STRIPE_SECRET_KEY=sk_test_...
STRIPE_WEBHOOK_SECRET=whsec_...
MAILGUN_API_KEY=key-...
MAILGUN_DOMAIN=mg.example.com
# PayPal (optional)
PAYPAL_CLIENT_ID=
PAYPAL_CLIENT_SECRET=
PAYPAL_WEBHOOK_ID=
PAYPAL_SANDBOX=true
# Platform config
PLATFORM_OPERATOR_EMAILS=dev@localhost
PLATFORM_DOMAIN_SUFFIX=localhost
# Dev convenience
ENABLE_DEV_BYPASS=true
The Node runtime reads from .dev.vars or process.env. Most features work without external credentials when dev bypass is enabled.
AppEnv interface
All environment variables are accessed through the AppEnv interface:
interface AppEnv {
  db: Database;
  kv: KvStore;
  blobs: BlobStore;
  STRIPE_SECRET_KEY: string;
  STRIPE_WEBHOOK_SECRET: string;
  PAYPAL_CLIENT_ID: string;
  PAYPAL_CLIENT_SECRET: string;
  PAYPAL_WEBHOOK_ID: string;
  PAYPAL_SANDBOX: string;
  MAILGUN_API_KEY: string;
  MAILGUN_DOMAIN: string;
  PLATFORM_OPERATOR_EMAILS: string;
  PLATFORM_DOMAIN_SUFFIX: string;
}
Related pages
- Cloudflare Workers — resource setup and go-live checklist
- CI/CD Pipeline — how secrets are used during deployment
- Local Development — .dev.vars for local config